Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E3FD866C32911EF8DEC1B94762E951A.roa
File: 4E3FD866C32911EF8DEC1B94762E951A.roa (raw, json)
Hash identifier: 628TZblzAVOqkmVT4E7CxTZd8zfSkWIL+3DAyNab1x8=
Subject key identifier: 3F:6B:FE:2F:98:FF:CF:72:33:07:07:DE:ED:39:C0:FD:49:57:F0:E9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAB1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E3FD866C32911EF8DEC1B94762E951A.roa
Signing time: Thu 26 Dec 2024 01:32:45 +0000
ROA not before: Thu 26 Dec 2024 01:32:41 +0000
ROA not after: Wed 10 Dec 2025 01:32:41 +0000
asID: 984
IP address blocks: 156.243.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60081 (0xeab1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 01:32:41 2024 GMT
Not After : Dec 10 01:32:41 2025 GMT
Subject: CN=676cb23d-aef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:22:91:cf:a3:25:ad:f8:9c:dd:bd:a4:27:41:
e8:4f:5e:2e:2d:16:fe:56:67:de:d6:65:bc:d2:da:
ba:30:da:2a:68:5b:61:4d:04:c1:15:a9:84:b2:67:
16:1e:39:fc:c2:ff:8a:d8:8e:54:d4:70:2d:53:58:
cf:34:17:87:43:2f:e5:7d:41:d2:1e:5d:17:a3:49:
e8:1a:45:ed:ef:70:ff:0c:17:62:f5:67:ef:d2:e2:
d2:da:bb:9f:71:47:87:14:7b:e6:6d:bc:02:79:5f:
8d:78:cd:a8:62:41:7f:b3:e6:d6:76:34:19:3c:f3:
2b:81:84:43:5a:d6:a5:bc:17:01:f3:c5:42:08:7b:
0b:23:ed:70:7d:43:cf:62:f6:ad:e3:9f:7a:60:d6:
19:da:bc:79:5a:47:e4:69:a8:bc:b6:d6:e0:24:4c:
05:df:0b:6c:71:4f:08:0e:a4:26:26:6b:b3:6d:fa:
74:77:fe:cc:2a:af:fc:e4:36:f3:7d:cb:1d:49:f9:
b2:58:e9:8f:17:b8:8b:86:4f:95:0e:6b:38:98:6b:
57:53:75:84:c0:1a:9a:df:7e:9d:2f:28:fd:80:9f:
e7:01:bd:cb:ae:c9:ea:46:71:fa:f6:38:54:f7:f5:
e3:c1:47:36:fc:83:89:c8:62:8b:ab:51:dc:c3:1a:
33:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:6B:FE:2F:98:FF:CF:72:33:07:07:DE:ED:39:C0:FD:49:57:F0:E9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E3FD866C32911EF8DEC1B94762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.152.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:b2:52:49:24:d7:e9:e3:a5:1e:12:64:55:8d:9f:03:97:3c:
76:5b:62:3d:75:1b:ba:c4:38:73:4a:54:97:d4:db:5d:36:6b:
9e:bd:f1:b6:29:45:d5:90:34:fc:53:8b:52:e3:1f:da:f7:76:
ac:f7:3a:ef:34:ef:3f:5f:9e:38:15:f5:b8:6f:bb:a0:77:14:
d1:bf:88:40:a5:ed:be:19:ef:d8:22:76:ba:f3:40:78:e9:41:
c7:70:cc:72:84:69:4e:6d:67:77:52:55:a5:78:aa:f0:37:e3:
cc:2b:4c:a2:cd:07:20:4f:cc:91:0c:36:7f:93:93:72:e4:d0:
e6:1c:5e:03:e3:41:00:18:c1:56:62:49:6a:bb:1b:9b:7a:e0:
7f:00:fc:ca:2d:b4:0c:6f:77:1c:b4:48:34:d4:ac:0e:9e:e9:
db:f3:61:c6:7e:39:eb:df:54:d2:76:b1:38:db:c0:e1:d1:73:
b7:61:d4:04:cc:2e:ad:07:a2:3a:2f:98:1e:82:57:9c:db:4f:
57:59:e2:c0:6f:ac:80:c9:96:b7:a0:10:60:5a:38:15:de:0b:
69:cd:ba:84:17:ef:3f:f4:55:96:1e:82:64:24:29:55:41:d5:
f1:e7:23:2b:f8:b5:64:0d:78:ff:b5:83:67:87:80:97:d2:3b:
08:45:a5:5c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOqxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDEzMjQxWhcNMjUxMjEwMDEzMjQxWjAYMRYw
FAYDVQQDEw02NzZjYjIzZC1hZWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsiKRz6Mlrfic3b2kJ0HoT14uLRb+Vmfe1mW80tq6MNoqaFthTQTBFamE
smcWHjn8wv+K2I5U1HAtU1jPNBeHQy/lfUHSHl0Xo0noGkXt73D/DBdi9Wfv0uLS
2rufcUeHFHvmbbwCeV+NeM2oYkF/s+bWdjQZPPMrgYRDWtalvBcB88VCCHsLI+1w
fUPPYvat4596YNYZ2rx5Wkfkaai8ttbgJEwF3wtscU8IDqQmJmuzbfp0d/7MKq/8
5DbzfcsdSfmyWOmPF7iLhk+VDms4mGtXU3WEwBqa336dLyj9gJ/nAb3LrsnqRnH6
9jhU9/XjwUc2/IOJyGKLq1HcwxozEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD9r
/i+Y/89yMwcH3u05wP1JV/DpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RTNGRDg2NkMzMjkxMUVGOERFQzFCOTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPOYMA0GCSqGSIb3DQEBCwUA
A4IBAQBPslJJJNfp46UeEmRVjZ8Dlzx2W2I9dRu6xDhzSlSX1NtdNmuevfG2KUXV
kDT8U4tS4x/a93as9zrvNO8/X544FfW4b7ugdxTRv4hApe2+Ge/YIna680B46UHH
cMxyhGlObWd3UlWleKrwN+PMK0yizQcgT8yRDDZ/k5Ny5NDmHF4D40EAGMFWYklq
uxubeuB/APzKLbQMb3cctEg01KwOnunb82HGfjnr31TSdrE428Dh0XO3YdQEzC6t
B6I6L5geglec209XWeLAb6yAyZa3oBBgWjgV3gtpzbqEF+8/9FWWHoJkJClVQdXx
5yMr+LVkDXj/tYNnh4CX0jsIRaVc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:56 2025 by rpki-client